[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: pwdCheckModule not loaded

2011/12/1 Fabian Heinz <fabian.heinz@xinfo.de>

Hi together,


I want to setup password policy in a small company.


We’re using openldap for a while without any pw constraints.


Now I got ppolicy working and pw update fails correctly on the defined constraints.

But I am not able to load the pwdCheckModule.


I implemented some basic function which should always fail, just to see it is working. But it seems not be loaded.


I compiled it as shared library with libtool and tried different locations with no result.

I even cannot find any logging information about that.


Can you give some tips where to find the loggings or how to increase them. At the moment I configured slapd.conf to loglevel  -1

And can only find logging in the syslog



Here my policy ldif


version: 1

DN: cn=default,ou=policies,dc=company,dc=com

objectClass: top

objectClass: device

objectClass: pwdPolicy

objectClass: pwdPolicyChecker

cn: default

pwdAllowUserChange: TRUE

pwdAttribute: userPassword

pwdCheckModule: libcheck_password.so

pwdCheckQuality: 1

pwdExpireWarning: 432000

pwdFailureCountInterval: 0

pwdGraceAuthNLimit: 0

pwdInHistory: 0

pwdLockout: TRUE

pwdLockoutDuration: 1920

pwdMaxAge: 7516800

pwdMaxFailure: 4

pwdMinLength: 8

pwdMustChange: TRUE

pwdSafeModify: FALSE



I tried to put the shared library to /usr/local/lib and /usr/lib/ldap


Both had not effect.


try to configure modulepath directive with the path containing your module. By default, modules are searched in OPENLDAP_ROOT/libexec/openldap/